serpapi
Warn
Audited by Snyk on Feb 26, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill's runtime fetch flow (scripts/search.sh) calls SerpAPI via curl to retrieve live Google/search/news/local results (https://serpapi.com/search.json), and scripts/format.py then parses and prints untrusted web/user-generated content (organic_results/news_results/local_results), so the agent will read and act on third-party pages' content.
Audit Metadata